TPMs are good for something
TPMs (Trusted Platform Modules) have long been avoided on Linux, given that their primary use cases have historically been around licensing and Digital Rights Management, concepts which are mostly foreign to Free and Open Source software. However, as new use cases, such as “trusted boot” have emerged, developers have added TPM device drivers to the Linux kernel to enable these uses. One often-overlooked feature of the TPM is that it has a hardware pseudo-random number generator.
A while back, Jeff Garzik and others were discussing this on the linux-kernel mailing list (summarized on LWN.net), where it was suggested that the TPM could be used to feed the rngd (random number gathering daemon) tool, just as it reads from other hardware random number generators. The rngd program reads from hardware-based random number generators and feeds entropy into the kernel’s entropy pool. Easy in concept, but lacking in TPM implementation.
As it happens, quite a few Dell systems include a TPM chip, including the PowerEdge 11G servers such as the R610 and R710. So, I asked Dell’s crack team of Linux developers to see what they could do. The result: a patch to rngd which adds the TPM as another source of random numbers for feeding the kernel’s entropy pool.
We’re working with Jeff to get this patch applied to the rng-tools upstream sources, and from there into the various distributions as their schedules permit.
So, should you find yourself running out of entropy on your servers, and not having a keyboard or mouse attached as ways to feed the entropy pool, you can run enable the TPM in BIOS SETUP, run rngd, and never lack for randomness again.
October 19th, 2009 at 11:54 pm
Is TPM “random enough”? It is after all not a white noise generator.
October 20th, 2009 at 1:10 am
Why would this even be done in userspace? That sounds like a round trip too many to me..
October 20th, 2009 at 1:47 am
[...] original here: Matt Domsch: TPMs are good for something Share and [...]
October 20th, 2009 at 8:54 am
That’s what we all need… more entropy.
October 20th, 2009 at 3:40 pm
I don’t suppose you can do anything about getting Rajiv Andrade’s iTPM patches accepted into the mainline kernel? We use the TPM as a smartcard, and newer laptops with iTPM chips are currently completely unsupported by Linux.
October 20th, 2009 at 10:11 pm
It’s up to Rajiv as the TPM maintainer to keep submitting to Andrew or a subsystem tree to get it merged. I submitted a patch yesterday for the tpm_tis driver, to let it be autoloaded on appropriate systems, which Rajiv ack’ed and copied Andrew on his ack. I know Andrew is at the Kernel Summit this week, and my get buried in a backlog thereafter. The other option would be to get it into linux-next somehow, either through another subsystem tree or by getting Stephen to add Rajiv’s tree to the linux-next forest.
October 23rd, 2009 at 1:43 am
[...] some TPM coding I’d done to get random bytes from the pRNG on my TPM-enabled system from Matt Domsch’s recent post. I’m not fully convinced that the pRNG of the TPM is an appropriate source of entropy, but it [...]
October 23rd, 2009 at 4:55 am
See my comment on…
http://www.outflux.net/blog/archives/2009/10/22/tpm-as-rng/comment-page-1/#comment-793
October 23rd, 2009 at 10:05 am
[...] some TPM coding I’d done to get random bytes from the pRNG on my TPM-enabled system from Matt Domsch’s recent post. I’m not fully convinced that the pRNG of the TPM is an appropriate source of entropy, but it [...]
October 26th, 2009 at 2:06 pm
There is temporal entropy (a clock source – or *when* you boot your machine) and spacial entropy (a location – or *where* you boot your machine) and yes we also need *which* machine was booted. For location GPS coords work in physical space, an IP number works in network space to some degree, and I guess TPM would work in its specific license space helping to address the *which* question. But is a folded UUID string being used too? Is UUID possibly an all around better source than TPM? Of course there is no need to minimize entropy sources but picking ones that provide distinction across all known domains whether or not the user has bought a license is useful.